Mikhail Egorov

8 exploits Active since May 2015
CVE-2019-1003000 METASPLOIT HIGH ruby WORKING POC
Jenkins Script Security Plugin < 1.50 - Sandbox Bypass Remote Code Execution
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
CVSS 8.8
CVE-2019-1003001 METASPLOIT HIGH ruby WORKING POC
Pipeline: Groovy Plugin <2.61 - RCE
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
CVSS 8.8
CVE-2019-1003005 METASPLOIT HIGH ruby WORKING POC
Jenkins Script Security Plugin <1.50 - RCE
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
CVSS 8.8
CVE-2019-1003029 METASPLOIT CRITICAL ruby WORKING POC
Jenkins Script Security Plugin <1.53 - RCE
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
CVSS 9.9
CVE-2018-1000408 METASPLOIT MEDIUM ruby WORKING POC
Jenkins ACL Bypass and Metaprogramming RCE
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances using the built-in Jenkins user database security realm that results in the creation of an ephemeral user record in memory.
CVSS 6.5
CVE-2018-1000861 METASPLOIT CRITICAL ruby WORKING POC
Jenkins < 2.138.3 and < 2.153 - Remote Code Execution via Stapler Framework URL Invocation
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
CVSS 9.8
CVE-2019-1003002 METASPLOIT HIGH ruby WORKING POC
Pipeline: Declarative Plugin <1.3.3 - RCE
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
CVSS 8.8
CVE-2015-1833 EXPLOITDB python WORKING POC
Apache Jackrabbit XML External Entity Injection via WebDAV Request
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.